<?php
/**
* API endpoint to return a list with the latest images
*/
require_once 'medoo.min.php';
require_once 'config.php';
require_once 'functions.php';
/**
* Retrieve a list of info from the database
*/
function get_latest_images($database, $limit = 5)
{
$datas = $database->select('images', array('stime', 'created', 'id', 'title', 'description', 'first_name'), array('LIMIT' => $limit, 'ORDER' => 'stime DESC'));
return $datas;
}
$results = get_latest_images($database, NUMBER_OF_IMAGES);
/* Generate output */
generate_json_output($results);
/////////////////////////////////////////////
// load map from db
// in 'id' : map id
// in 'hash': edit hash
// out: 'out' formatted json
$id = intval(@$_REQUEST['id']);
$hash = @$_REQUEST['hash'];
$action = @$_REQUEST['action'];
$format = @$_REQUEST['format'];
if (($action == 'load' || empty($action)) && $id) {
$row = $dbapi->fetchRow("SELECT * FROM personal_map WHERE id = ?", array($id));
if ($format === "gpx") {
generate_gpx_output($row);
} else {
// Default format
generate_json_output($row, $hash);
}
// only format that needs hash for administration
} else {
if ($action == 'save') {
if ($id > 0) {
$row = $dbapi->fetchRow("SELECT admin_hash FROM personal_map WHERE id = ?", array($id));
if (!$row) {
header("HTTP/1.0 404 Not found");
} else {
if ($row["admin_hash"] !== $hash) {
header("HTTP/1.0 403 Authentication required");
} else {
$map_name = html_escape(@$_REQUEST['name'], 45);
$map_description = html_escape(@$_REQUEST['description'], 1024);
$json_data = json_encode(json_to_data(@$_REQUEST['data']));
/**
* Check how many errors there's in the form data
*/
function errorsInForm($postData)
{
$errors = array();
// first_name
if (!$postData['first_name']) {
array_push($errors, 'first_name');
}
// email
if ($postData['email'] != "" and !filter_var($postData['email'], FILTER_VALIDATE_EMAIL) or $postData['email'] == "") {
array_push($errors, 'email');
}
return $errors;
}
// --------- PROCESS ---------
// Input
$postData = getPostData();
$errorsInForm = errorsInForm($postData);
if (count($errorsInForm) == 0) {
$data = array('first_name' => $postData['first_name'], 'email' => $postData['email']);
signupEngagingNetworks($data);
}
// --------- Output Json
$response = array();
$response['error_count'] = count($errorsInForm);
$response['errors'] = $errorsInForm;
$response['post'] = $postData;
generate_json_output($response);
<?php
/**
* API endpoint to insert an image
*/
require_once 'medoo.min.php';
require_once 'config.php';
require_once 'functions.php';
/**
* Insert data into the images database
*/
function insert_image($database, $post)
{
$database->insert('images', array('stime' => microtime(true), 'created' => date("Y-m-d H:i:s"), 'id' => $post['id'], 'deletehash' => $post['deletehash'], 'title' => $post['title'], 'description' => $post['description'], 'first_name' => $post['first_name'], 'email' => $post['email'], 'ip' => $post['ip']));
}
$post = array();
$post['id'] = isset($_POST['id']) ? clean_input(filter_var($_POST['id'], FILTER_SANITIZE_STRING), 10) : '';
$post['deletehash'] = isset($_POST['deletehash']) ? clean_input(filter_var($_POST['deletehash'], FILTER_SANITIZE_STRING), 20) : '';
$post['title'] = isset($_POST['title']) ? clean_input(filter_var($_POST['title'], FILTER_SANITIZE_STRING), 140) : '';
$post['description'] = isset($_POST['description']) ? clean_input(filter_var($_POST['description'], FILTER_SANITIZE_STRING), 640) : '';
$post['first_name'] = isset($_POST['first_name']) ? clean_input(filter_var($_POST['first_name'], FILTER_SANITIZE_STRING), 140) : '';
$post['email'] = isset($_POST['email']) ? clean_input(filter_var($_POST['email'], FILTER_SANITIZE_EMAIL), 140) : '';
$post['ip'] = isset($_SERVER['REMOTE_ADDR']) ? clean_input(filter_var($_SERVER['REMOTE_ADDR'], FILTER_SANITIZE_STRING), 45) : '';
insert_image($database, $post);
/* Generate jSON output */
$output = array();
$output['OK'] = "It's OK";
generate_json_output($output);
